Passwords are a pain. Unless you have a perfect memory, you’re bound to forget them from time-to-time. With a new security breach in the news almost daily, now is the time to make sure you’re doing everything you can to stay safe online. Here’s a quick guide on how to get those passwords under control, and keep your information safe and sound.
Step 1: Understand Password Security
Passwords are the single greatest protection you have in preventing unauthorized access to your online accounts. Unfortunately, our ability to create strong passwords is limited by our ability to remember said passwords. This creates two problems:
1. Using the same (or similar) password everywhere
If you use the same password everywhere, all your accounts are at risk if even one of said accounts are compromised (hacked). While this solves the memorization problem, it is a very unsafe practice. Similarly, using a variation of each password with the site’s name (e.g. “password123_fb” for facebook or “password123_gm” for gmail) is just as unsafe, because any hacker with an ounce of common sense will instantly recognize the pattern.
2. Writing all your passwords down in one place
Writing all of your passwords down on a piece of paper (or in a word document) is inefficient, insecure, and just plain cumbersome. First of all, if the computer or paper is lost or stolen, you are completely out of luck. More than likely, the thief has access to every password you have. Secondly, keeping a list manually encourages the bad practice using short and easy-to-guess passwords, since they are easier to write down manually. Third, you must always be in the exact location where your list is stored to have access to any of these accounts, which is extremely inconvenient.
Step 2. Learn about Password Managers
Nowadays, utilizing a password manager is a no-brainer. Many are skeptical of using a cloud-based software to store their passwords, but a password manager is (by far) the most efficient, safe, and smart method of storing your passwords (even more secure than your brain). Here’s how they work:
Password managers encrypt and store all of your passwords securely in the cloud, and can only be accessed on any of your devices with a master password of your choosing. Most have a web-browser extension that lets you auto-fill passwords right on the website, saving time and frustration by remembering and inputing passwords for you.
If you still aren’t convinced, here are some more advantages to using a password manager:
1. The safest password is one you can’t remember
Most password managers are able to generate incredibly complex passwords that would be difficult to crack, and can change the type of password to your liking (i.e. number of letters, making it pronounceable, adding numbers/special characters).
2. Access your passwords anywhere
Usually, password managers have a mobile version that you can access on your phone - allowing you to quickly find a password while on-the-go. You can also download the password manager on another computer and simply log in with your master password to gain access on another machine.
3. Store passwords securely
Almost all password managers encrypt your information using industry-standard 256-bit AES encryption. Because these companies spend thousands of dollars and have dedicated engineers who are in charge of keeping everything secure and up to date, it is very unlikely that someone will be able to gain access to your bank of passwords.
4. Get notified about security breaches
Since security is the name of the game, most password managers include a service that informs you (via text or email) if a site you have credentials for has been compromised. No more watching the news to see if your accounts might be in danger.
5. Easily perform a security overhaul
Almost all password managers provide some sort of service to help you change all your passwords quickly to something more secure. They will let you know if you’re using the same password on multiple sites, and how strong your current passwords are.
6. Store more than passwords
Applications that handle your passwords securely can also handle other sensitive information with the same level of protection and ease of use. For example, you can store a credit/debit card number so that you don’t have to manually enter it every time when online shopping. You can add secure notes to jot down sensitive information.
Step 3: Choose a Password Manager
Most browsers (Firefox, Chrome, Safari, Internet Explorer, etc.) offer some sort of way to save passwords, but they aren’t nearly as secure as some of the dedicated password managers out there. For your convenience, here are four of our favorite password managers, along with a brief description, cost, compatibility, and some pros/cons:
iCloud Keychain
Cost: Free
Compatibility: Mac/iOS only
iCloud Keychain is built in to iCloud, so it is included with any mobile device running iOS 7.0.9 or later, or any Mac running OS X 10.9 or later. It is incredibly easy to use, and comes built in to the Safari browser.
The only downsides to iCloud Keychain involve security and access. Your passwords/credit cards are available to anyone with access to your device, so as long as they can get past the lockscreen, they can login anywhere (no master password). It is difficult to view a collection of all the items you have stored, especially on iPhone/iPad, and there is no dedicated interface for it.
iCloud Keychain is excellent for the beginner to get the hang of a password manager, or to supplement more feature-packed software by only storing less important sites.
1Password
Cost: $49.99 for Mac/PC, Free for Mobile ($10 for Pro Features)
Compatibility: Mac/PC, iOS, Android
1Password is by far the most popular, and best looking password manager around. It works flawlessly with any web browser, has a dedicated vault to store and view your data, and has a feature-packed mobile app. It also allows you to share passwords securely when you need to give access to someone without them permanently having your password. However, at $49.99, it’s also the most expensive solution.
LastPass
Cost: Free for Mac/PC, $12 a year for Premium/Mobile App
Compatibility: Mac/PC/Web, iOS, Android
LastPass is my personal favorite. It’s web-based, so you can login anywhere in the world to lastpass.com to access your vault, without downloading software. You can sort your passwords into folders, making it easy to separate business accounts from personal ones. It has tons of two-factor authentication options, and it’s completely free. The “premium version” costs just $1/month, and gives you access to mobile apps along with a few more features.
Dashlane
Cost: Free for Mac/PC/Mobile ($39.99 a Year for Pro Features)
Compatibility: Mac/PC, iOS, Android
Dashlane’s advantage lies in its price. It is the only option that is fully-featured while still being free. There’s a fee you can pay per year for “pro” features, but the average user probably won’t need these. Click here for a more in-depth review of Dashlane from the CityMac blog team.
Step 4: Add New Accounts
Most password managers include a browser extension that prompts you to save a new password any time you create a new account on a website. This is crucial; use your new password manager to generate a secure password, and save it. Doing this every time is the best way to ensure you’ll never forget that password again.
Step 5: Relax
What a relief. You now only have one master password to memorize. Now that you know how to manage your passwords like a pro, sit back, relax, and let your brain focus on the things that are really important in life.